{"id":966,"date":"2015-05-06T08:21:08","date_gmt":"2015-05-06T08:21:08","guid":{"rendered":"http:\/\/www.pir8geek.com\/?p=966"},"modified":"2015-05-06T08:21:08","modified_gmt":"2015-05-06T08:21:08","slug":"lynis-security-auditing-tool-for-unixlinux","status":"publish","type":"post","link":"https:\/\/www.jameseduard.com\/?p=966","title":{"rendered":"Lynis &#8211; Security Auditing Tool for Unix\/Linux"},"content":{"rendered":"<p><strong>Lynis<\/strong> is a <em>security auditing tool<\/em> for Unix- and Linux-based systems. It performs in-depth security scans with almost no configuration. The tool is commonly used by network and system administrators, security professionals, and pentesters\/auditors to evaluate Linux\/Unix systems.<br \/>\n<strong>Requirements:<\/strong> Shell and basic utilities<br \/>\n<strong>Permissions:<\/strong> Root permissions or normal user<br \/>\n<strong>Operating Systems Supported:<\/strong><\/p>\n<ul>\n<li>AIX<\/li>\n<li>FreeBSD<\/li>\n<li>HP-UX<\/li>\n<li>Linux<\/li>\n<li>Mac OS<\/li>\n<li>NetBSD<\/li>\n<li>OpenBSD<\/li>\n<li>Solaris<\/li>\n<\/ul>\n<p>The new version of the Lynis Security Auditing Tool has been released: <strong>Lynis 2.1.0<\/strong><br \/>\nChangelog:<\/p>\n<pre>\nSecurity Auditing Tool= Lynis 2.1.0 (2015-04-16) \nGeneral:\n---------\nScreen output has been improved to provide additional information.\nOS support:\n------------\nCUPS detection on Mac OS has been improved. AIX systems will now use csum\nutility to create host ID. Group check have been altered on AIX, to include\nthe -n ALL. Core dump check on Linux is extended to check for actual values\nas well.\nSoftware:\n----------\nMcAfee detection has been extended by detecting a running cma binary.\nImproved detection of pf firewall on BSD and Mac OS. Security patch checking\nwith zypper extended.\nSession timeout:\n-----------------\nTests to determine shell time out setting have been extended to account for\nAIX, HP-UX and other platforms. 
It will now determine also if variable is\nexported as a readonly variable. Related compliance section PCI DSS 8.1.8\nhas been extended.\nDocumentation:\n---------------\n- New document: Getting started with Lynis\nhttps:\/\/cisofy.com\/documentation\/lynis\/get-started\/\nPlugins (Enterprise):\n----------------------\n- Update to file integrity plugin\nChanges to PLGN-2606 (capabilities check)\n- New configuration plugins:\nPLGN-4802 (SSH settings)\nPLGN-4804 (login.defs)\n<\/pre>\n<p>1. Installation via direct download<br \/>\nCreate a directory<\/p>\n<pre>mkdir -p \/usr\/local\/lynis\ncd \/usr\/local\n<\/pre>\n<p>2. Download Lynis here: https:\/\/cisofy.com\/download\/lynis\/<\/p>\n<pre>wget https:\/\/cisofy.com\/files\/lynis-&lt;version&gt;.tar.gz\ncurl https:\/\/cisofy.com\/files\/lynis-&lt;version&gt;.tar.gz -o lynis-&lt;version&gt;.tar.gz\n<\/pre>\n<p>3. Unpack the tarball<\/p>\n<pre>tar xfvz lynis-&lt;version&gt;.tar.gz\n<\/pre>\n<p>4. After unpacking, it is time to run Lynis for the first time.<\/p>\n<pre>cd lynis\n.\/lynis\n<\/pre>\n<p>Lynis can run without any preconfiguration. Configuration and fine-tuning are possible, though, and will be covered in later sections. 
For now we will run a basic scan:<\/p>\n<pre>.\/lynis audit system\n<\/pre>\n<p>Common parameters:<br \/>\nBelow are the most commonly used parameters when running Lynis.<\/p>\n<table class=\"shadowed\">\n<tbody>\n<tr>\n<td class=\"section\">Parameter<\/td>\n<td class=\"section\">Abbreviated<\/td>\n<td class=\"section\">Description<\/td>\n<\/tr>\n<tr>\n<td>--auditor &quot;Given name Surname&quot;<\/td>\n<td><\/td>\n<td>Assign an auditor name to the audit (report)<\/td>\n<\/tr>\n<tr>\n<td>--checkall<\/td>\n<td>-c<\/td>\n<td>Start the check<\/td>\n<\/tr>\n<tr>\n<td>--check-update<\/td>\n<td><\/td>\n<td>Check if Lynis is up-to-date<\/td>\n<\/tr>\n<tr>\n<td>--cronjob<\/td>\n<td><\/td>\n<td>Run Lynis as cronjob (includes -c -Q)<\/td>\n<\/tr>\n<tr>\n<td>--help<\/td>\n<td>-h<\/td>\n<td>Shows valid parameters<\/td>\n<\/tr>\n<tr>\n<td>--manpage<\/td>\n<td><\/td>\n<td>View man page<\/td>\n<\/tr>\n<tr>\n<td>--nocolors<\/td>\n<td><\/td>\n<td>Do not use any colors<\/td>\n<\/tr>\n<tr>\n<td>--pentest<\/td>\n<td><\/td>\n<td>Perform a penetration test scan (non-privileged)<\/td>\n<\/tr>\n<tr>\n<td>--quick<\/td>\n<td>-Q<\/td>\n<td>Don&#8217;t wait for user input, except on errors<\/td>\n<\/tr>\n<tr>\n<td>--quiet<\/td>\n<td><\/td>\n<td>Only show warnings (includes --quick, but doesn&#8217;t wait)<\/td>\n<\/tr>\n<tr>\n<td>--reverse-colors<\/td>\n<td><\/td>\n<td>Use a different color scheme for lighter backgrounds<\/td>\n<\/tr>\n<tr>\n<td>--version<\/td>\n<td>-V<\/td>\n<td>Check program version (and quit)<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>Tips<\/strong><\/p>\n<ul>\n<li>If Lynis is not installed as a package (with included man page), use <strong>--man<\/strong> or <strong>nroff -man .\/lynis.8<\/strong><\/li>\n<li>For systems where the shell background is light, use <strong>--nocolors<\/strong> or <strong>--reverse-colors<\/strong><\/li>\n<li>Use <strong>--dump-options<\/strong> to 
see all available parameters of Lynis<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Lynis is a security auditing tool for Unix- and Linux-based systems. It performs in-depth security scans with almost no configuration. The tool is commonly used by network and system administrators, security professionals, and pentesters\/auditors to evaluate Linux\/Unix systems. Requirements: Shell and basic utilities Permissions: Root permissions or normal user Operating System Supported: AIX FreeBSD HP-UX Linux Mac<\/p>\n","protected":false},"author":1,"featured_media":967,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[384,154,431],"tags":[429,430],"class_list":["post-966","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-information-security","category-pentesting-tools","category-vulnerability-analysis","tag-auditing-tools","tag-lynis"],"_links":{"self":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/966","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=966"}],"version-history":[{"count":0,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/966\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=966"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=966"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jameseduard.co
m\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=966"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}